Security Operations Manager
Hong Kong, HK, HK
Job Summary:
We are seeking an experienced Security Operations Manager to manage day-to-day security operations protecting our hybrid cloud environment, covering public cloud (AWS/Azure/GCP), private cloud, data centers, and on-premises systems. This role will oversee the execution of enterprise firewall policies, proxy security, SOC operations, VPN management, and network security across all environments, ensuring a unified security posture.
Key Responsibilities:
1. Hybrid Cloud & Network Security Management
- Manage next-generation firewalls (e.g. NGA/P, Palo Alto, Fortinet, Cisco Firepower) across on-premises, cloud, and hybrid environments.
- Manage cloud-native security tools (e.g. AWS GuardDuty, Azure Sentinel, GCP Security Command Center).
- Implement and enforce secure web gateway (SWG) and proxy policies (e.g. Zscaler, Netskope, Blue Coat).
- Design and optimize hybrid VPN solutions (e.g. site-to-site, client VPN, Zero Trust Network Access).
- Ensure network segmentation, micro-segmentation, and Zero Trust principles across all environments.
2. Security Operations Center (SOC) Leadership
- Collaborate with 24/7 SOC operations with a focus on multi-cloud and on-premises threat detection.
- Support threat-hunting playbooks for cloud and data center environments.
- Lead incident response (IR) for cross-environment security breaches (cloud misconfigurations, on-premises intrusions).
3. Cloud & Data Center Security
- Implement cloud security posture management (CSPM) and infrastructure-as-code (IaC) security scanning.
- Harden private cloud (VMware, OpenStack) and on-premises data center security.
- Manage privileged access security (PAM) for hybrid environments.
- Conduct cloud penetration testing and vulnerability assessments.
4. Compliance & Governance
- Ensure compliance with standards such as ISO 27001, NIST CSF, CIS Benchmarks, and cloud-specific frameworks (AWS Well-Architected, Azure CAF).
- Maintain security policies for hybrid environments (data residency, encryption, IAM controls).
- Lead internal/external audits (SOC 2, PCI DSS, HIPAA, GDPR).
- Support the execution of security procedures for managing risks, vulnerabilities, threats, access, data security, supplier compliance and lifecycle security.
5. Team & Vendor Management
- Lead a cross-functional security team (SOC analysts, cloud security engineers, network security specialists).
- Manage MSSP relationships and third-party security vendors.
- Provide training and mentorship on cloud and hybrid security best practices.
Required Qualifications:
- 7+ years in security operations, with 5+ years in hybrid cloud/on-premises security.
- Good expertise in:
  - Public cloud security (AWS, Azure, GCP)
  - Firewall, proxy, VPN, and network security
  - SIEM/SOAR and SOC operations
  - Data center and on-premises security hardening
- Certifications: CISSP, CCSP, AWS/Azure Security, PCNSE, CCNP Security.
- Experience with Kubernetes security, DevSecOps, and IaC (Terraform, Ansible).
Work Environment:
- Hybrid work model (on-site for critical infrastructure, remote for SOC oversight).
- Participation in on-call rotation for security incidents.
- Collaboration with different stakeholders including application, infrastructure, business and compliance teams.
Tags: Ansible Audits AWS Azure CCNP CCSP CISSP Cloud Compliance CSPM DevSecOps Encryption Firewalls GCP GDPR Governance HIPAA IAM Incident response ISO 27001 Kubernetes Network security NIST OpenStack PCI DSS Pentesting Sentinel SIEM SOAR SOC SOC 2 Terraform Threat detection Vendor management VMware VPN Vulnerabilities Zero Trust ZTNA